I am using Passenger with Nginx to serve Rails applications. Although I was thinking about moving to Puma because of some technical reasons, I still think that Passenger is a solid, prooved and good webserver for Rails applications.
As you already know, we are waiting for HTTP/2 and SPDY. SPDY is basically the same as HTTP but does always include TLS encryption and is able to use multiplexing (plus other cool features). This means parallel transfer of assets because only one connection per client is required. Woot!
Passenger does not include SPDY from scratch but Phusion is providing a patched binary you can integrate. As of this writing, the binary does support SPDY/2. Here is a list how to integrate the binary. I assume you have compiled Nginx with Passenger. Please do read first the whole list and start the work afterwards.
1. Follow the guide
Hongli Lai (@honglilai) has written a guide, how to use Nginx and SPDY. Read the steps here: Use Nginx + SPDY, without compiling Nginx and without a recent OpenSSL but do not start immediately.
I am not sure why the title has “without a recent OpenSSL” because you will see later, that the tests for the Heartbleed bug do pass.
2. Follow these steps
We do have a working Nginx installation already, so there is no need to install Nginx (as stated in the guide). What we need is the patched binary and replace the existing one. I have asked Hongli in the comments below the post about why there is no nginx tar anymore. It is just renamed. Hongli has upgraded the blog post thankfully. Here is what you need to do:
a. Add the deb source from Phusion to your sources.list.
On Ubuntu, simply add a file in the sources.list.d directory
and add this content:
deb https://oss-binaries.phusionpassenger.com/apt/passenger precise main
b. Upgrade your system
sudo apt-get update sudo apt-get upgrade
You MAY receive ERRORS. Don’t worry and keep on going.
c. Download the binary
As of this writing it is the source below. It may be different when you read this post. You can simply check https://oss-binaries.phusionpassenger.com/binaries/passenger/by_release. It is VERY important, that the binaries version is the exact same version as of your Nginx installation.
curl -O https://oss-binaries.phusionpassenger.com/binaries/passenger/by_release/4.0.41/webhelper-1.4.7-x86_64-linux.tar.gz curl -O https://oss-binaries.phusionpassenger.com/binaries/passenger/by_release/4.0.41/webhelper-1.4.7-x86_64-linux.tar.gz.asc
d. Get the developers gpg key and verify the tar archive
gpg --recv-keys AC40B2F7 gpg --verify webhelper-1.4.7-x86_64-linux.tar.gz.asc
No errors should show up.
e. Extract the archive and rename the binary to nginx
As written in the guide by Hongli, Phusion renamed the binary to PassengerWebHelper. Simply rename it to nginx.
tar xzvf webhelper-1.4.7-x86_64-linux.tar.gz mv PassengerWebHelper nginx
f. Copy the binary to the correct place. It may be different in your system depending on where you have installed Nginx
sudo cp /usr/sbin/nginx nginx.original sudo /etc/init.d/nginx stop sudo cp nginx /usr/sbin/
g. Update your Nginx vhost configuration.
For the regarding SSL domain, yop need to add the keyword spdy to the listen directive:
listen 443 default_server ssl spdy deferred;
h. Restart nginx
sudo /etc/init.d/nginx restart
i. Check if SPDY is activated
j. Check that the doamin is not vulnerable agints the Heartbleed bug
If everything works, you should now have SPDY support for your Rails application. Go and check out the parallel transfer of the sources in your browsers developer toolbar and enjoy :-)